github.com/erriapo/terraform@v0.6.12-0.20160203182612-0340ea72354f/builtin/providers/cloudstack/resource_cloudstack_egress_firewall_test.go (about) 1 package cloudstack 2 3 import ( 4 "fmt" 5 "strings" 6 "testing" 7 8 "github.com/hashicorp/terraform/helper/resource" 9 "github.com/hashicorp/terraform/terraform" 10 "github.com/xanzy/go-cloudstack/cloudstack" 11 ) 12 13 func TestAccCloudStackEgressFirewall_basic(t *testing.T) { 14 resource.Test(t, resource.TestCase{ 15 PreCheck: func() { testAccPreCheck(t) }, 16 Providers: testAccProviders, 17 CheckDestroy: testAccCheckCloudStackEgressFirewallDestroy, 18 Steps: []resource.TestStep{ 19 resource.TestStep{ 20 Config: testAccCloudStackEgressFirewall_basic, 21 Check: resource.ComposeTestCheckFunc( 22 testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"), 23 resource.TestCheckResourceAttr( 24 "cloudstack_egress_firewall.foo", "network", CLOUDSTACK_NETWORK_1), 25 resource.TestCheckResourceAttr( 26 "cloudstack_egress_firewall.foo", "rule.#", "2"), 27 resource.TestCheckResourceAttr( 28 "cloudstack_egress_firewall.foo", 29 "rule.1081385056.cidr_list.3378711023", 30 CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"), 31 resource.TestCheckResourceAttr( 32 "cloudstack_egress_firewall.foo", "rule.1081385056.protocol", "tcp"), 33 resource.TestCheckResourceAttr( 34 "cloudstack_egress_firewall.foo", "rule.1081385056.ports.32925333", "8080"), 35 resource.TestCheckResourceAttr( 36 "cloudstack_egress_firewall.foo", 37 "rule.1129999216.source_cidr", 38 CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"), 39 resource.TestCheckResourceAttr( 40 "cloudstack_egress_firewall.foo", "rule.1129999216.protocol", "tcp"), 41 resource.TestCheckResourceAttr( 42 "cloudstack_egress_firewall.foo", "rule.1129999216.ports.1209010669", "1000-2000"), 43 resource.TestCheckResourceAttr( 44 "cloudstack_egress_firewall.foo", "rule.1129999216.ports.1889509032", "80"), 45 ), 46 }, 47 }, 48 }) 49 } 50 51 func TestAccCloudStackEgressFirewall_update(t *testing.T) { 52 resource.Test(t, resource.TestCase{ 53 PreCheck: func() { testAccPreCheck(t) }, 54 Providers: testAccProviders, 55 CheckDestroy: testAccCheckCloudStackEgressFirewallDestroy, 56 Steps: []resource.TestStep{ 57 resource.TestStep{ 58 Config: testAccCloudStackEgressFirewall_basic, 59 Check: resource.ComposeTestCheckFunc( 60 testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"), 61 resource.TestCheckResourceAttr( 62 "cloudstack_egress_firewall.foo", "network", CLOUDSTACK_NETWORK_1), 63 resource.TestCheckResourceAttr( 64 "cloudstack_egress_firewall.foo", "rule.#", "2"), 65 resource.TestCheckResourceAttr( 66 "cloudstack_egress_firewall.foo", 67 "rule.1081385056.cidr_list.3378711023", 68 CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"), 69 resource.TestCheckResourceAttr( 70 "cloudstack_egress_firewall.foo", "rule.1081385056.protocol", "tcp"), 71 resource.TestCheckResourceAttr( 72 "cloudstack_egress_firewall.foo", "rule.1081385056.ports.32925333", "8080"), 73 resource.TestCheckResourceAttr( 74 "cloudstack_egress_firewall.foo", 75 "rule.1129999216.source_cidr", 76 CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"), 77 resource.TestCheckResourceAttr( 78 "cloudstack_egress_firewall.foo", "rule.1129999216.protocol", "tcp"), 79 resource.TestCheckResourceAttr( 80 "cloudstack_egress_firewall.foo", "rule.1129999216.ports.1209010669", "1000-2000"), 81 resource.TestCheckResourceAttr( 82 "cloudstack_egress_firewall.foo", "rule.1129999216.ports.1889509032", "80"), 83 ), 84 }, 85 86 resource.TestStep{ 87 Config: testAccCloudStackEgressFirewall_update, 88 Check: resource.ComposeTestCheckFunc( 89 testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"), 90 resource.TestCheckResourceAttr( 91 "cloudstack_egress_firewall.foo", "network", CLOUDSTACK_NETWORK_1), 92 resource.TestCheckResourceAttr( 93 "cloudstack_egress_firewall.foo", "rule.#", "3"), 94 resource.TestCheckResourceAttr( 95 "cloudstack_egress_firewall.foo", 96 "rule.59731059.cidr_list.1910468234", 97 CLOUDSTACK_NETWORK_1_IPADDRESS2+"/32"), 98 resource.TestCheckResourceAttr( 99 "cloudstack_egress_firewall.foo", 100 "rule.59731059.cidr_list.3378711023", 101 CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"), 102 resource.TestCheckResourceAttr( 103 "cloudstack_egress_firewall.foo", "rule.59731059.protocol", "tcp"), 104 resource.TestCheckResourceAttr( 105 "cloudstack_egress_firewall.foo", "rule.59731059.ports.32925333", "8080"), 106 resource.TestCheckResourceAttr( 107 "cloudstack_egress_firewall.foo", 108 "rule.1052669680.source_cidr", 109 CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"), 110 resource.TestCheckResourceAttr( 111 "cloudstack_egress_firewall.foo", "rule.1052669680.protocol", "tcp"), 112 resource.TestCheckResourceAttr( 113 "cloudstack_egress_firewall.foo", "rule.1052669680.ports.3638101695", "443"), 114 resource.TestCheckResourceAttr( 115 "cloudstack_egress_firewall.foo", 116 "rule.1129999216.source_cidr", 117 CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"), 118 resource.TestCheckResourceAttr( 119 "cloudstack_egress_firewall.foo", "rule.1129999216.protocol", "tcp"), 120 resource.TestCheckResourceAttr( 121 "cloudstack_egress_firewall.foo", "rule.1129999216.ports.1209010669", "1000-2000"), 122 resource.TestCheckResourceAttr( 123 "cloudstack_egress_firewall.foo", "rule.1129999216.ports.1889509032", "80"), 124 ), 125 }, 126 }, 127 }) 128 } 129 130 func testAccCheckCloudStackEgressFirewallRulesExist(n string) resource.TestCheckFunc { 131 return func(s *terraform.State) error { 132 rs, ok := s.RootModule().Resources[n] 133 if !ok { 134 return fmt.Errorf("Not found: %s", n) 135 } 136 137 if rs.Primary.ID == "" { 138 return fmt.Errorf("No firewall ID is set") 139 } 140 141 for k, id := range rs.Primary.Attributes { 142 if !strings.Contains(k, ".uuids.") || strings.HasSuffix(k, ".uuids.#") { 143 continue 144 } 145 146 cs := testAccProvider.Meta().(*cloudstack.CloudStackClient) 147 _, count, err := cs.Firewall.GetEgressFirewallRuleByID(id) 148 149 if err != nil { 150 return err 151 } 152 153 if count == 0 { 154 return fmt.Errorf("Firewall rule for %s not found", k) 155 } 156 } 157 158 return nil 159 } 160 } 161 162 func testAccCheckCloudStackEgressFirewallDestroy(s *terraform.State) error { 163 cs := testAccProvider.Meta().(*cloudstack.CloudStackClient) 164 165 for _, rs := range s.RootModule().Resources { 166 if rs.Type != "cloudstack_egress_firewall" { 167 continue 168 } 169 170 if rs.Primary.ID == "" { 171 return fmt.Errorf("No instance ID is set") 172 } 173 174 for k, id := range rs.Primary.Attributes { 175 if !strings.Contains(k, ".uuids.") || strings.HasSuffix(k, ".uuids.#") { 176 continue 177 } 178 179 _, _, err := cs.Firewall.GetEgressFirewallRuleByID(id) 180 if err == nil { 181 return fmt.Errorf("Egress rule %s still exists", rs.Primary.ID) 182 } 183 } 184 } 185 186 return nil 187 } 188 189 var testAccCloudStackEgressFirewall_basic = fmt.Sprintf(` 190 resource "cloudstack_egress_firewall" "foo" { 191 network = "%s" 192 193 rule { 194 cidr_list = ["%s/32"] 195 protocol = "tcp" 196 ports = ["8080"] 197 } 198 199 rule { 200 source_cidr = "%s/32" 201 protocol = "tcp" 202 ports = ["80", "1000-2000"] 203 } 204 }`, 205 CLOUDSTACK_NETWORK_1, 206 CLOUDSTACK_NETWORK_1_IPADDRESS1, 207 CLOUDSTACK_NETWORK_1_IPADDRESS1) 208 209 var testAccCloudStackEgressFirewall_update = fmt.Sprintf(` 210 resource "cloudstack_egress_firewall" "foo" { 211 network = "%s" 212 213 rule { 214 cidr_list = ["%s/32", "%s/32"] 215 protocol = "tcp" 216 ports = ["8080"] 217 } 218 219 rule { 220 source_cidr = "%s/32" 221 protocol = "tcp" 222 ports = ["80", "1000-2000"] 223 } 224 225 rule { 226 source_cidr = "%s/32" 227 protocol = "tcp" 228 ports = ["443"] 229 } 230 }`, 231 CLOUDSTACK_NETWORK_1, 232 CLOUDSTACK_NETWORK_1_IPADDRESS1, 233 CLOUDSTACK_NETWORK_1_IPADDRESS2, 234 CLOUDSTACK_NETWORK_1_IPADDRESS1, 235 CLOUDSTACK_NETWORK_1_IPADDRESS1)